path: root/test/modules/tls/conf.py
import os
from typing import List, Dict, Any

from pyhttpd.conf import  HttpdConf
from pyhttpd.env import HttpdTestEnv


class TlsTestConf(HttpdConf):
    """Test-suite httpd configuration builder for TLS virtual hosts.

    Extends HttpdConf with helpers that emit vhosts served by mod_tls when
    the environment reports a shared "tls" module and by mod_ssl otherwise,
    plus helpers that bind mod_md managed domains to certificate files taken
    from the test environment's CA.

    NOTE(review): domain names are written into the generated directives
    verbatim, with no quoting or validation. That assumes every name comes
    from the test suite itself; confirm against callers.
    """

    def __init__(self, env: HttpdTestEnv, extras: Dict[str, Any] = None):
        """Create the configuration for *env*.

        Args:
            env: test environment the configuration is generated for.
            extras: extra settings handed on to HttpdConf; None is replaced
                by a new empty dict before the hand-off.
        """
        if extras is None:
            extras = {}
        super().__init__(env=env, extras=extras)

    def start_tls_vhost(self, domains: List[str], port=None, ssl_module=None):
        """Open a vhost for *domains* with document root htdocs/<first domain>.

        Args:
            domains: names of the vhost. The first entry selects the document
                root, so an empty list raises IndexError.
            port: passed through to HttpdConf.start_vhost.
            ssl_module: module name passed to start_vhost. When None,
                "mod_tls" is chosen if the environment has a shared "tls"
                module and "mod_ssl" otherwise.
        """
        if ssl_module is None:
            tls_available = self.env.has_shared_module("tls")
            ssl_module = 'mod_tls' if tls_available else "mod_ssl"
        primary = domains[0]
        super().start_vhost(domains=domains, port=port,
                            doc_root=f"htdocs/{primary}", ssl_module=ssl_module)

    def end_tls_vhost(self):
        """Close the vhost opened by start_tls_vhost (delegates to end_vhost)."""
        self.end_vhost()

    def add_tls_vhosts(self, domains: List[str], port=None, ssl_module=None):
        """Add one separate, empty-bodied TLS vhost per entry in *domains*.

        Each name gets its own start_tls_vhost/end_tls_vhost pair, so the
        module selection described on start_tls_vhost applies per vhost.
        """
        for name in domains:
            self.start_tls_vhost(domains=[name], port=port, ssl_module=ssl_module)
            self.end_tls_vhost()

    def add_md_vhosts(self, domains: List[str], port=None):
        """Load mod_md and add an MDomain block plus an SSL vhost per domain.

        For every credential the environment's CA returns for a domain, a
        MDCertificateFile/MDCertificateKeyFile pair is written with paths
        relative to the server directory. The vhost itself is added with
        with_certificates=False.

        Args:
            domains: names to configure, one MDomain and one vhost each.
            port: passed through to HttpdConf.add_vhost.
        """
        self.add([
            f"LoadModule md_module       {self.env.libexec_dir}/mod_md.so",
            "LogLevel md:debug",
        ])
        for name in domains:
            self.add(f"<MDomain {name}>")
            for credential in self.env.ca.get_credentials_for_name(name):
                cert_rel = os.path.relpath(credential.cert_file, self.env.server_dir)
                if credential.pkey_file:
                    key_rel = os.path.relpath(credential.pkey_file, self.env.server_dir)
                else:
                    # No separate key file: the certificate file is named as
                    # the key file too (presumably a combined PEM; confirm
                    # against the CA helper).
                    key_rel = cert_rel
                self.add([
                    f"    MDCertificateFile {cert_rel}",
                    f"    MDCertificateKeyFile {key_rel}",
                ])
            self.add("</MDomain>")
            # Same preference as start_tls_vhost: mod_tls when present.
            module = "mod_tls" if self.env.has_shared_module("tls") else "mod_ssl"
            super().add_vhost(domains=[name], port=port, doc_root=f"htdocs/{name}",
                              with_ssl=True, with_certificates=False, ssl_module=module)

    def add_md_base(self, domain: str):
        """Configure the base server as an MD-managed TLS server for *domain*.

        Writes the mod_md load line, ServerName and "MDBaseServer on", enables
        TLSEngine on the environment's https port, and adds an MDomain block
        holding the certificate/key file pairs the CA returns for *domain*.

        NOTE(review): TLSEngine is emitted unconditionally here, with no
        mod_ssl fallback like the vhost helpers have. Presumably this is only
        used when mod_tls is loaded; confirm against callers.
        """
        base_directives = [
            f"LoadModule md_module       {self.env.libexec_dir}/mod_md.so",
            "LogLevel md:debug",
            f"ServerName {domain}",
            "MDBaseServer on",
        ]
        self.add(base_directives)
        self.add(f"TLSEngine {self.env.https_port}")
        self.add(f"<MDomain {domain}>")
        for credential in self.env.ca.get_credentials_for_name(domain):
            cert_rel = os.path.relpath(credential.cert_file, self.env.server_dir)
            if credential.pkey_file:
                key_rel = os.path.relpath(credential.pkey_file, self.env.server_dir)
            else:
                # Certificate file doubles as key file when no key file is set.
                key_rel = cert_rel
            self.add([
                f"MDCertificateFile {cert_rel}",
                f"MDCertificateKeyFile {key_rel}",
            ])
        self.add("</MDomain>")